diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2023-11-13 11:46:25 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2023-11-13 11:46:25 +0000 |
| commit | ef8e778fd358e15247d2fd83a8de8878ba174bff (patch) | |
| tree | cd4f1919a049e550b2b54d6e23b39ca0ab41ad42 /usr.sbin/ocspcheck | |
| parent | b22bbdf0478a278b2a791f9eb29d969fa1a45c94 (diff) | |
Replace ASN1_time_parse() with ASN1_TIME_to_tm()
Like in libtls, we use ASN1_GENERALIZEDTIME_check() to ensure we actually
have a GeneralizedTime.
ok beck
Diffstat (limited to 'usr.sbin/ocspcheck')
| -rw-r--r-- | usr.sbin/ocspcheck/ocspcheck.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/usr.sbin/ocspcheck/ocspcheck.c b/usr.sbin/ocspcheck/ocspcheck.c index 516642b53f4..234f3d22f63 100644 --- a/usr.sbin/ocspcheck/ocspcheck.c +++ b/usr.sbin/ocspcheck/ocspcheck.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocspcheck.c,v 1.31 2022/12/28 21:30:17 jmc Exp $ */ +/* $OpenBSD: ocspcheck.c,v 1.32 2023/11/13 11:46:24 tb Exp $ */ /* * Copyright (c) 2017,2020 Bob Beck <beck@openbsd.org> @@ -189,8 +189,9 @@ parse_ocsp_time(ASN1_GENERALIZEDTIME *gt) if (gt == NULL) return -1; /* RFC 6960 specifies that all times in OCSP must be GENERALIZEDTIME */ - if (ASN1_time_parse(gt->data, gt->length, &tm, - V_ASN1_GENERALIZEDTIME) == -1) + if (!ASN1_GENERALIZEDTIME_check(gt)) + return -1; + if (!ASN1_TIME_to_tm(gt, &tm)) return -1; if ((rv = timegm(&tm)) == -1) return -1; |